Google pumped more life into the use of physical keys as a second form of authentication when it added Security Key enforcement support to G Suite.

This week HTTPS hit a huge milestone. According to a two-week survey of telemetry data from the Mozilla Firefox browser, 50 percent of page loads used HTTPS.

Academics studying 283 Android VPN apps quantified a number of problems associated with native platform support for VPN clients through the BIND_VPN_SERVICE.

Citing security concerns, Google announced that it will soon block JavaScript (.js) file attachments in Gmail.

Researcher Mariusz Mlynski found and disclosed four high-severity vulnerabilities in Chrome’s Blink rendering engine, earning himself $32,000 through the Chrome Rewards program.

Google this week explained how it weighs potentially harmful Android apps using the Verify Apps malware scanner and a scoring system it calls Dead or Insecure.

Google has taken a big step toward simplifying public key lookups at Internet scale with the release to open source on Thursday of Key Transparency.

Google patched a critical hole in its problematic Android Mediaserver component that could have allowed an attacker to use email, web browsing, and MMS processing of media files to remotely execute code.

Confidential documents and data belonging to Box.com users were accessible via search engine queries. Box.com has “fixed” the issue.

Google on Monday announced Project Wycheproof, a collection of unit tests designed to help check for weaknesses in cryptographic algorithms.